apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig

metadata:
  name: gmst-eks-cluster
  region: ap-northeast-2
  version: "1.34"

vpc:
  subnets:
    private:
      private-a: { id: subnet-00496a62d8bc0c4bb }
      private-b: { id: subnet-0f1bbf64b4af39e51 }

  clusterEndpoints:
    publicAccess:  true
    privateAccess: true

iamIdentityMappings:
  - arn: arn:aws:iam::003150130236:user/admin
    groups:
      - system:masters
    username: root-admin
    noDuplicateARNs: true

cloudWatch:
  clusterLogging:
    enableTypes: ["*"]

secretsEncryption:
  keyARN: arn:aws:kms:ap-northeast-2:003150130236:key/f2d40e20-52e9-464e-908c-a9bf319395d5

managedNodeGroups:
  - name: gmst-app-nodegroup
    labels: { skills: app }
    instanceType: t3.medium
    desiredCapacity: 2
    minSize: 2
    maxSize: 10
    volumeType: gp2
    volumeEncrypted: true
    privateNetworking: true
    instanceName: gmst-app-node
    subnets:
      - private-a
      - private-b
    iam:
      withAddonPolicies:
        imageBuilder: true
        autoScaler: true

  - name: gmst-addon-nodegroup
    labels: { skills: addon }
    instanceType: t3.medium
    desiredCapacity: 2
    minSize: 2
    maxSize: 10
    volumeType: gp2
    volumeEncrypted: true
    privateNetworking: true
    instanceName: gmst-addon-node
    subnets:
      - private-a
      - private-b
    iam:
      withAddonPolicies:
        awsLoadBalancerController: true
        autoScaler: true